[dranch at trinnet.net: [yh] Linux 2.4.6 has a semi-serious umask bug..]

Jesse Tie Ten Quee highos at highos.com
Thu Jul 19 19:33:40 PDT 2001


Yo,

I don't run 2.4 on any production machine..but i know some of you do,
problably ;)

----- Forwarded message from "David A. Ranch" <dranch at trinnet.net> -----

From: "David A. Ranch" <dranch at trinnet.net>
Subject: [yh] Linux 2.4.6 has a semi-serious umask bug..
Date: Thu, 19 Jul 2001 19:28:05 -0700
To: "Sys Admins": ;

*** {01.29.005} Linux - Linux 2.4.x kernel doesn't set UMASK

A vulnerability was found in the 2.4.x Linux kernels that causes
the kernel to not properly set the UMASK. This could result in the
creation of certain files with world-writable permissions.
This vulnerability has been confirmed and will be fixed in the
2.4.7 kernel.
Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-07/0257.html
.----------------------------------------------------------------------------.
|  David A. Ranch - Linux/Networking/PC hardware         dranch at trinnet.net  |
!----                                                                    ----!
`----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----'

_______
Yashy-Hack                                      http://yashy.com/list/
to unsubscribe:   echo unsubscribe | mail yashy-hack-request at yashy.com


----- End forwarded message -----

-- 
Jesse Tie Ten Quee - highos at highos dot com
-- 
Unsubscribe: send email to lfs-security-request at linuxfromscratch.org
and put unsubscribe in the subject header of the message



More information about the lfs-security mailing list